Claims: We claim: 

1) An unsolicited message rejecting communications processor connected to 
message transfer agents 

MTAO with an Internet address of IP_0, from-address A O, declared domain of D_0, 
and actual domain of DD O, and 

MTA_1 with an Internet address of IP l and to-address A_l 
comprising: 

a) monitoring means for monitoring the communications between MTA_0 and 
MTAl; 

b) determining means for determining if the communications contains an unsolicited 
message; and 

c) intercepting means for intercepting a RCPT command from MTAJ) and sending 
an error reply to MTA_0 if the message is determined to be unsolicited. 

whereby MTA_1 controls the interaction between MTAJ) and MTA_1 before a RCPT 
command from MTA_0 is received and 

whereby the connection with MTA O is rejected before the data portion of the unsolicited 
message is transmitted. 

2) The unsolicited message blocking communications processor in Claim 1, further 

includes a allow_address database and wherein the determining means determines if 
a message is not unsolicited by checking if the IP_0 is in the allow_address database. 

3) The unsolicited message blocking communications processor in Claim 1, further 

includes a prevent_address database and wherein the determining means determines 
if a message is unsolicited by checking if IP O is in the prevent_address database. 
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4) The unsolicited message blocking communications processor in Claim 1, further 

includes access to a open relay database and wherein the determining means 
determines if a message is unsolicited by checking if IP O is in the open relay 
database. 

5) The unsolicited message blocking communications processor in Claim 1, further 

includes access to a DNS (domain name server) database and wherein the 
determining means determines if a message is unsolicited by checking if IP_0 has a 
domain name entry DD_0 in the DNS database. 

6) The unsolicited message blocking communications processor in Claim 1, further 

includes a bad_from database and wherein the determining means determines if a 
message is unsolicited by checking if the from-address A_0 is in the bad_from 
database. 

7) The unsolicited message blocking communications processor in Claim 1, further 

includes a suspect_domain database and wherein the determining means determines 
if a message is unsolicited by checking if the actual domain DD_0 matches the 
domain of from-address A O and the domain of from-address A_0 is in the 
suspect_domain database. 

8) The unsolicited message blocking communications processor in Claim 1 , wherein the 

determining means determines if a message is unsolicited by checking if the from- 
address A_0 matches the to-address (A_l). 

9) The unsolicited message blocking communications processor in Claim 1, further 

includes a no_filter database and wherein the determining means determines if the 
message is to be blocked if it is determined to be unsolicited. 
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10) The unsolicited message blocking communications processor in Claim 1, wherein the 
determining means determines if a message is unsolicited by checking if the declared 
domain D O of MTA_0 is the same as the domain D_l of MTA l . 

1 1) The unsolicited message blocking communications processor in Claim 1, wherein the 
determining means determines if a message is unsolicited by checking if the declared 
domain D_0 of MTA O does not match the real domain DD I and the declared 
domain D O is in the suspect domain database. 

12) The unsolicited message blocking communications processor in Claim 1, further 
includes a rejected_connection database which logs the time, from-address A_0, to- 
address A_l, and the reason for the rejection if a message is rejected if the message is 
determined to be unsolicited. 

13) The unsolicited message blocking communications processor in Claim 1, further 
includes a allowed_connection database which logs the time and to-address A_l if the 
message is determine not to be unsolicited. 
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14) A method for 

a receiving networked computer system with an Internet connection, a mail 
transport agent MTA_1, an Internet address IP_1, to-address A_l, and an 
operating system capable of executing the method 

to reject unsolicited messages from 

a transmitting networked computer system with an Internet connection and a 
message transfer agent MTAO, an Internet address IP O, from-address A_0, 
declared domain D O, and actual domain DD J) 

comprising the steps of: 

a) waiting for a new SMTP connection request; 

b) relaying and monitoring the replies from MTA O to MTA_1 ; 

c) relaying replies from MTA__1 to MTA O; 

d) intercepting the RCPT reply from MTAJ) to MTA_1 ; 

e) determining if the message is unsolicited by analyzing the monitored replies; 

f) releasing the intercepted RCPT reply if the message is determined not to be 
unsolicited; and 

g) sending a an error reply to MTAJ) if the message is determined to be unsolicited; 
whereby MTA_1 controls the interaction between MTA_0 and MTAl until a RCPT 
command is received from MTA_0 and 

whereby the connection with MTA O is rejected before the data portion of the 
unsolicited message is transmitted. 
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1 5) A method for 

a receiving networked computer system with an Internet connection, a mail 
transport agent MTA_1, IP address IP_1, a domain name D_l, a recipient, 
A_l, an allow_address database, a prevent_address database, a 
suspect_domain database, a bad_from database, a no_filter database, a 
rejected_connection database, an allowed_connection database, and an 
operating system capable of executing the method 
to reject unsolicited messages from 

a transmitting networked computer system with an Internet connection, a 
message transfer agent MTA_0, an IP address of IP_0, a declared domain 
name D_0, a real domain name DD_0, and a sender address of A_0 

comprising the steps of: 

a) waiting for a SMTP connection request on the receiving networked computer 
system's Internet connection; 

b) sending a 220 reply to MTA_0 to acknowledge the requested connection; 

c) extracting IP address IP_0 from the connection request; 

d) testing if the DNS database has a domain name DD_0 for IP_0; 

e) testing if IP O is in an open relay database; 

f) testing if IP_0 is in the allow_address database; 

g) testing if IPO is in the prevent_address database, 

h) requesting a connection with MTA_1 ; 

i) waiting for a 220 reply from MTA_1 to acknowledge the requested connection; 
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j) waiting for a reply from either MTAO or MTAJ ; 

k) jumping to step n) if the reply is not from MTAJ ; 

1) relaying the reply from MTA_1 to MTAJ); 

m) jumping to step j) to wait for a new reply; 

n) jumping to step t) if the reply from MTAJ) is not a HELO; 

o) extracting domain D J) from the reply; 

p) testing if declared domain D O of MTA_0 matches domain DJ of MTA_1 ; 

q) testing if declared domain D O does not match real domain DD_0 of MTA O 

AND declared domain D_0 is in the suspect_domain database; 

r) relaying the HELO reply from MTAJ) to MTAJ ; 

s) jumping to step j) to wait for a new reply; 

t) jumping to step z) if reply from MTAJ) is not a MAIL; 

u) extracting from-address A O; 

v) testing if A O is in the badjirom database; 

w) testing if DDJ) does not match the domain of A_0 and the domain of AJ) is in 

the suspect_domain database; 

x) relaying MAIL reply to MTA J ; 

y) jumping to step j) to wait for a new reply; 

z) jumping to step kk) if reply from MTAJ) is not a RCPT; 

aa) extracting to-address A J ; 
bb) testing if A J is in no_filter database; 

cc) testing if AJ) matches A J ; 
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dd) jumping to step hh) if NOT(t_allow OR t_no Jilter OR NOT ( t_prevent OR 
topen OR tJDD-) OR t bad from OR t_suspect Jomain OR t_echo Jomain 
OR tjorged Jomain)) ; 

ee) logging time and to-address A 1 in the allowed connection database; 

ff) relaying RCPT reply to MTA_1 ; 

gg) jumping to step j) to wait for a new reply; 

hh) logging the time, from-address A O, to-address A_l, and the reason for 

rejecting the connection in the rejected_connection database; 
ii) rejecting the connection to MTA_0 by sending a 550 reply to MTA_0; 
jj) jumping to step j) to wait for a new reply; 
kk) jumping to step w) if reply from MTA_0 is not DATA; 
11) relaying DATA reply to MTAJ; 
mm) waiting for a 354 reply from MTAJ; 
nn) relaying the 354 reply from MTAJ to MTAJ); 
oo) waiting for the data from MTAJ); 
pp) relaying the data from MTA_0 to MTAJ ; 
qq) waiting for a .\r\n from MTAJ); 
rr) relaying the .\r\n from MTAJ) to MTAJ ; 
ss) waiting for a 250 reply from MTAJ ; 
tt) relaying the 250 reply to MTAJ; 
uu) jumping to step j) to wait for a new reply; 

w) jumping to step yy) if reply from MTAJ is not RSET, SEND, SCML, SAML, 
VRFY, NOOP, EXPN, HELP, or TURN; 
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ww) relaying reply to MT A_ 1 ; 

xx) jumping to step j) to wait for a new reply; 

yy) jumping to step ddd) if reply from MTA_0 is not a QUIT; 

zz) relaying the QUIT reply to MTA_1 ; 

aaa) waiting for 221 reply from MTA_1 

bbb) relaying 221 reply from MTA l to MTAO; 

ccc) jumping to step a) to wait for a new connection; 

ddd) sending a 500 reply to MTA J) to signal a syntax error; and 

eee) jumping to step a) to wait for a new connection. 
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